The present invention relates generally to a location verification method, and more particularly, but not by way of limitation, to a system, method, and computer program product for verifying a location of a device based on comparing a measurement from the user device location with a measurement from a second device location to determine whether the user device location is within a threshold proximity of the second device to grant access for the user device to the second device.
Handheld (portable) devices send a location of a device based on a Global Positioning System (GPS) coordinates signal. However, these coordinates can be “faked” (or misrepresented) by an owner (or another user) of the device if required to gain access to an access point that requires a location verification.
Conventionally, access to specific resources can be given based on an identification and a location of the user. The user is typically given a device that can send a location (e.g., based on GPS coordinates). This, along with the credentials of the user is used to verify that a user is at a particular location. Thus, a two-tier security measure is in place. However, unless the device is tamper-resistant, the owner (or a third party) can fake the location of the device. Global attestation procedure is a way of making the job of a malicious user difficult by validating credentials from surrounding devices called “Brokers”. For example, access to a server can be guaranteed only if the user's device is connected to the office network through Wifi. In this case, the access point reports that the user is physically connected to the office network and hence is likely inside the office (or at least nearby).
Thus, the needs in the art include a location verification technique that is not susceptible to location spoofing due to the one-way verification required from the device-to-server verification.